  • Immutable NixOS. My entire server deployment from partitioning to config is stored in git on all my machines.

    Every time I boot all runtime changes are “wiped”, which is really just BTRFS subvolume swapping.

    Persistence is possible, but I’m forced to deal with it otherwise it will get wiped on boot.

    I use LVM for mirrored volumes for local redundancy.

    My persisted volumes are backed up automatically to B2 Backblaze using rclone. I don’t back up everything. Stuff I can download again is skipped, for example. I don’t have anything currently that requires putting a process in “maint mode”, like a database getting corrupt if I back up while it’s being written to. When I did, I’d either script gracefully shutting down the process or use any export functionality if the process supported it.



  • I haven’t tested in Windows, but this is my setup Linux to Linux using rclone which the docs say works with Windows.

    Server

    • LUKS
    • LVM
    • Volgroup with a mishmash of drives in a mirror configuration
    • Cache volume with SSD
    • BTRFS /w Snapshots (or ZFS or any other snapshotting FS)
    • (optional) Rclone local “remote” with Crypt if you want runtime encryption at rest and the ability to decrypt files on the server. You can skip this and do client side only if you don’t want the decryption key on the server.
    • SFTP (or any other self-hosted protocol from https://rclone.org/docs/)

    Client

    • Rclone Config /w SFTP (or chosen protocol)
    • (optional) Rclone Config /w Crypt
    • Rclone mount with VFS.

    I use this setup for my local files and a similar setup to my Backblaze B2 off site backups.

    The VFS implementation has been pretty good. You can also manually sync. Their bisync I don’t fully trust though.

    I can access everything through android using https://github.com/newhinton/Round-Sync. Not great for photos though as thumbnails weren’t loading without pulling the whole file last I tested a year ago.



  • Some of this is a bit soft. Like, the 50% / 0% employment split says something about business’s ability to command labor. If we had an amazing economy with 50% unemployment, this would imply a large population that businesses either didn’t want or couldn’t access. And the former says something very different than the latter.

    The worry for me is the “didn’t want” part. Automation is increasing throughput. The ultra wealthy are netting most of the value instead of humanity as a whole. Workers are getting laid off to keep profits increasing. Greed blocks mass access to surplus while the available job pool shrinks. Culture warfare is used as a distraction to vilify those who aren’t staying afloat as immoral leeches.

    I doubt we could get to 50% without something like UBI. The unemployed would either die off due to lack of resources or a revolution happens to extract the hoarded wealth by force for another cycle of history. Doesn’t mean employers won’t try to min/max how much they can take.



  • One method depends on your storage provider. Rsync may have incremental snapshots, but I haven’t looked because my storage provider has it.

    Sometimes a separate tool like rsnapshot (but probably not rsnapshot itself, as I don’t think its hard links interact well with rsync) might be used to manage snapshots locally that are then rsynced.

    On to storage providers or back ends. I use B2 Backblaze configured to never delete. When a file changes it uploads the new version and renames the old version with a timestamp and hides it. Rsync has tools to recover the old file versions or delete any history. Again, it only uploads the changed files so it’s not full snapshots.



  • Important stuff (about 150G) is synced to all my machines and a b2 Backblaze bucket.

    I have a rented seed box for those low seeder torrents.

    The stuff I can download again is only on a mirrored lvm pool with an lvmcache. I don’t have any redundancy for my monerod data which is on an nvme.

    I’m moving towards an immutable OS with 30 days of snapshots. While not the main reason, it does push one to practicing better sync habits.





  • I do a passphrase like the comic followed by 56 characters of gibberish using an https://onlykey.io/ (acts as a USB keyboard) that has a 10 digit pin (6 characters to choose from) and a kill switch pin (if I were ever forced to unlock it). I use this method for my disk encryption, main account login, and password manager.

    I also use a https://www.themooltipass.com/ for vendor diversity (4 digit pin but all hex characters). I prefer the onlykey.

    I rotate the gibberish monthly and the passphrase 2-3 times a year.

    Once a year I change up the pin codes.

    I figure that gives me enough entropy from brute force on all my systems with a balanced level of convenience and security. I literally don’t know a single one of my passwords.


  • Company A submits a new device for certification signed by their private key.

    Company B certifies the device signed by their private key.

    Company C onboards a device for an end-user and is confident it came from Company A and has been verified by Company B since the device has a certificate that can be verified from Companies A and B.

    Yes it prevents home brew (though you can do home brew by replacing Company C with your own controller), but it also prevents knock offs.

    When this information is distributed (like Lemmy federation) between instances, one has a degree of assurance all these records originated from the signer.

    While the ledger part is not required, it provides a nice audit trail for the companies who do not trust each other enough without the transparency. Sure a central authority like the ESRB could do the same, but we could also all be on Reddit and not Lemmy…
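
The three-party check described in the comment above, as an added example (not part of the original comment and not any real certification scheme's code). The record layout, the use of Ed25519, the device IDs, and the choice to have Company B sign over Company A's signature are all assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Attestation is a constructed record format, not any real ecosystem's schema.
type Attestation struct {
	DeviceID string
	MakerSig []byte // Company A signs the device ID
	CertSig  []byte // Company B signs hash(device ID || A's signature)
}

// NewKeys generates an Ed25519 key pair (a nil reader selects crypto/rand).
func NewKeys() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(nil)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// certPayload binds B's certification to this device and to A's signature,
// so the certification cannot be reattached to another maker's record.
func certPayload(id string, makerSig []byte) []byte {
	h := sha256.Sum256(append([]byte(id), makerSig...))
	return h[:]
}

// Issue runs A's submission step and then B's certification step.
func Issue(id string, makerKey, certKey ed25519.PrivateKey) Attestation {
	makerSig := ed25519.Sign(makerKey, []byte(id))
	certSig := ed25519.Sign(certKey, certPayload(id, makerSig))
	return Attestation{id, makerSig, certSig}
}

// Verify is C's onboarding check: both signatures must hold under the
// public keys C already trusts for A and B.
func Verify(a Attestation, makerPub, certPub ed25519.PublicKey) bool {
	return ed25519.Verify(makerPub, []byte(a.DeviceID), a.MakerSig) &&
		ed25519.Verify(certPub, certPayload(a.DeviceID, a.MakerSig), a.CertSig)
}

func main() {
	aPub, aKey := NewKeys()
	bPub, bKey := NewKeys()
	att := Issue("device-0001", aKey, bKey) // constructed device ID
	fmt.Println("genuine:", Verify(att, aPub, bPub))
	att.DeviceID = "device-0002" // altered record
	fmt.Println("altered:", Verify(att, aPub, bPub))
}
```

A controller that trusts its own key pair in place of Company B's is the "home brew" substitution the comment mentions: the same `Verify` call, with a different `certPub`.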


  • I’m not, it was just an example data broker. You are 100% sure that data is not getting sold?

    I picked Google because back in my days of ignorance, their rewards app would ask if I made X purchase at Y store down to the penny. I wasn’t using GPay/GWallet, just my debit or credit card. The Y I get with location services. Them having the transaction amount leads me to assume credit card companies/payment processors/etc are sharing this data in near real time. Probably anonymously but with enough data points to trace it back to an individual with a degree of confidence.

    So I use XMR when I can. Location services are also off.






  • Can try installing Avahi on the RPi (may come on the default image). It will advertise .local over mDNS / DNS-SD. I believe Avahi will advertise on link local if there is no default route to the internet.

    Your system may automatically resolve the domain if it’s able to pick up the mDNS records to SSH in. Been a couple years since I’ve done it, so I could be forgetting a nuanced detail, but I vaguely remember just ‘plug and play’ if internet for the RPi wasn’t required.